In the MITRE ATT&CK framework, what does the acronym TTP stand for?


Multiple Choice

In the MITRE ATT&CK framework, what does the acronym TTP stand for?

Explanation:
The concept being tested is how TTP is used to describe attacker behavior in MITRE ATT&CK. Tactics are the high-level goals attackers try to achieve, techniques are the concrete methods used to reach those goals, and procedures are the specific, real-world steps an adversary follows to carry out a technique. Therefore, TTP stands for Tactics, Techniques, and Procedures. This order reflects the progression from overall aims to concrete methods to exact operations, which is why it’s the canonical expansion in ATT&CK. The other options mix in terms not used in the standard acronym (like Tools or Protocols) or swap the order, which isn’t how the framework is defined.

